PerimeterX Code Defender™
Stop client-side data breaches
PerimeterX Code Defender is a client-side application security solution that continuously protects your website from digital skimming, formjacking and Magecart attacks, stopping data breaches and reducing your risk of non-compliance.
Stop Client-side Attacks
- Detect
- Analyze
- Mitigate
Client-side JavaScript code is a significant blind side for web application developers since they run on the end users’ browsers, outside the protection provided by legacy security solutions like WAFs and firewalls. Malicious Shadow Code in first- and third-party scripts can modify page elements, insert fake checkout buttons or skim personally identifiable information from your website, including credit card numbers and passwords.
Code Defender detects suspicious script behavior by automatically inventorying and baselining the behavior of all client-side JavaScript on your website. Using a lightweight JavaScript Sensor and an Enforcer that manages content security policy (CSP) rules, Code Defender continuously monitors all client-side scripts, looking for anomalous activity such as changes in behavior, communication with new network domains or modifications to the DOM which could leave the website open to compromise and result in theft of personal data.
Read Case StudyWe wanted to find the anomalies and changes in our client-side scripts. The Code Defender behavioral analysis solution greatly simplifies this process.
Why PerimeterX
Full Visibility and Control
Code Defender gives you continuous visibility and control over first-, third- and Nth-party scripts running on your website and protects you against a wide range of attack techniques.
Behavior-based Learning
Code Defender automatically learns, inventories and baselines all script activity on your web pages, eliminating the need to manually inventory your website scripts and pre-configure policies.
Multi-layered Protection
Unlike other solutions that rely exclusively on CSP rules, Code Defender provides multi-layered protection by combining the rich intelligence of a JavaScript Sensor with the standards-based enforcement capabilities of CSP.
Preserves User Experience
Code Defender preserves your user experience and page load performance by executing the JavaScript Sensor asynchronously. Unlike sandbox-based or proxy-based solutions that impact app performance, Code Defender ensures quick response times and a positive experience for your users.
Threat Research Leadership
Proactive research from the PerimeterX research team is used to continuously improve Code Defender detection and to provide actionable context on alerts.
Enterprise-level Customer Services
Our 24/7/365 proactive security team is always available via multiple channels to help you investigate security incidents, provide actionable insights and function as an extension of your team.
Powered by the PerimeterX Platform
Code Defender runs on the PerimeterX Platform, a set of cloud-native infrastructure and services that powers an award-winning suite of application protection solutions, enabling full visibility and control of your web and mobile applications and APIs. The Platform also powers PerimeterX Bot Defender and PerimeterX Page Defender which protect your website against security threats including malicious bots, unwanted browser extensions and ad injections.
How Code Defender Works
Collect
The PerimeterX Sensor collects activity signals from the client-side browser including interactions with the DOM, network domains and local storage. This information is sent to the cloud-based Detector for analysis. The Sensor does not collect any personal data from the browser.
Analyze
The cloud-based Detector analyzes the client-side activity signals using advanced machine learning models to build a baseline profile for every first-, third- and Nth-party script running on the web page. The Detector flags any changes in script behavior or execution of new scripts and automatically generates alerts.
Mitigate
The out-of-band Enforcer works with your web server or CDN to automatically manage and enforce CSP rules. Updated with continuous intelligence from the Detector, the Enforcer ensures that the CSP prevents scripts from being loaded from unknown domains, and blocks malicious network communication on the client-side browser.